Formal

joinformal.com

Least privilege, enforced at the wire-protocol level — on autopilot.

Visit
Formal screenshot
/ About /

Formal is a protocol-aware reverse proxy that deploys as a single stateless binary in your VPC to secure access to databases, APIs, and infrastructure. It parses 15+ wire protocols natively and enforces real-time security policies — including PII masking, just-in-time access, and query-level controls — with sub-10ms overhead. It requires no application code changes, supporting use cases from database access governance to AI agent security.

/ How it works /

A single stateless binary is deployed in the user's VPC and all connection strings are routed through it, allowing Formal to parse wire protocols natively and evaluate security policies inline on every query and session in real time.

/ Who it's for /

Security engineers and platform teams managing access to databases, APIs, and infrastructure

/ More info /

Background.

Status
launched
Business model
unknown
Company
Formal
/ Discovered patterns /

Similar projects.

Coming soonSpektrail’s read on Security

Editorial take on the space this project sits in — momentum signals, adjacent moves, our call on whether the wedge is real. Get pinged when we publish a new read or when the landscape shifts.

Coming soon

Have a take on this space?

Tell us what you’d build differently, where you think the incumbents miss, or what we’ve gotten wrong about this project. Comments + reactions are coming soon.